Commit 79f7d599 authored by Kristian Klausen's avatar Kristian Klausen 🎉
Browse files
parent bb5ce6ef
...@@ -10,12 +10,11 @@ ...@@ -10,12 +10,11 @@
- sources (sources.archlinux.org) - sources (sources.archlinux.org)
- archive (archive.archlinux.org) - archive (archive.archlinux.org)
## luna ## lists.archlinux.org
### Services ### Services
- mailman - mailman
- projects (projects.archlinux.org)
## archlinux.org ## archlinux.org
......
...@@ -163,17 +163,6 @@ ...@@ -163,17 +163,6 @@
256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519) 256 MD5:3c:91:d8:b0:4b:5c:36:40:79:27:8a:c7:24:d6:26:af root@archlinux-packer (ED25519)
3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA) 3072 MD5:88:99:f2:47:b1:e3:3c:99:52:67:d5:d5:55:b0:af:2c root@archlinux-packer (RSA)
# luna.archlinux.org
1024 SHA256:9Nqu9y1LhT3L3Kd6J9CSyuOc1AdGWo0eLsPxoc5bpaw root@alderaan (DSA)
256 SHA256:L71Q91yHwmHPYYkJMDgj0xmUuw16qFOhJbBr1mzsiOI root@alderaan (ECDSA)
256 SHA256:HQ03dn6EasJHNDlt51KpQpFkT3yBX83x7BoIkA1iv2k root@alderaan.archlinux.org (ED25519)
2048 SHA256:Ju+yWiMb/2O+gKQ9RJCDqvRg7l+Q95KFAeqM5sr6l2s root@alderaan (RSA)
1024 MD5:f2:56:a9:3c:4d:f9:b7:88:7f:e4:a6:7c:eb:55:c0:15 root@alderaan (DSA)
256 MD5:11:d1:4c:ae:9a:4f:15:06:d7:c8:0a:b4:08:02:aa:95 root@alderaan (ECDSA)
256 MD5:1d:92:08:da:8e:a1:fb:1c:c5:65:00:c8:15:a4:87:32 root@alderaan.archlinux.org (ED25519)
2048 MD5:c4:7f:00:d4:5e:c7:23:45:97:bb:40:ec:15:ce:7c:a9 root@alderaan (RSA)
# mail.archlinux.org # mail.archlinux.org
1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA) 1024 SHA256:/d3MC4NoQbPSNgNebFyzNCze4HVHPhITVWy9vWdZUp4 root@archlinux-packer (DSA)
256 SHA256:IbQnu28PPf6iZnr6DPwzITD4o2DznYMO6j0mkjZXasE root@archlinux-packer (ECDSA) 256 SHA256:IbQnu28PPf6iZnr6DPwzITD4o2DznYMO6j0mkjZXasE root@archlinux-packer (ECDSA)
......
...@@ -73,11 +73,6 @@ lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz ...@@ -73,11 +73,6 @@ lists.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1 lists.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVKwNsXUXpgNhlwPVlBRNlpvOt0U9deANS/n//nxbe1
lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU= lists.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuKQnkGRdXyu74f92lzJcQMMDjTzVXkne/mLHiMYKQWlboIBIry3FkzyUGDLbNlZOe4PNR43D9FI0/1EjAuVV72HVQ9sidCbJR/azw3+JF8zwU1HDMOhtCNaWYNqk0DHDvHuWhL6N0duFASf+ZTKRB5Rgk3+p0FisKMCep2vJy5kHY0829INk6ORgPxYzCHCZOLEfZX0aydwscTnubKq1t9blWUdqKSm5Xq5+NEJNPKlo6TgdcBihkdAyaGnZ9KWrXycV6j0UaT/VJNuumZ9KlsvI7Xi/TVDWcLcsU/UqeEvnzUi3oRrvkADzIcoFa5/QrSRQJppKAUgjuhOuk+Px38IIvRdrwDxDoChei+qU8S2O24PP7Cu4oYZ/ecGb8wJleEWVVaYrD5JTEugg0iTe2t0LJiP6rTC1faxErZ9wru18nGNWYR2b+b1MfBzppAoikZUoqygKYYLAerHj3B9wFmw2RJG8JFZ95lMukJmDG8kCYz7eq753PYAAmpFZbdZU=
# luna.archlinux.org
luna.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOZAVWmj2k+dHTfyum7FyIivGcVUkDFHaXmPNxDwF7l8TvkAN8VDQJHEEGJhALMYtNsQ+kt0gksSh4HZqj9n5hI=
luna.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2DCBtPSTwWvBU3/3bAYwJVtnAmy+GEJf98Ek5QhOXh
luna.archlinux.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDErOc9MQyj8vf20sZrcVOU+bxfa6B0DVl28pUdG+03seGM+bTVT84HnCcKwz7iASvGSJSAWfzYUQa6Gq8JuDWATd419L8Rtou0UEoK30c9oprGfCmB4extsFkEpMDihnvpUyK/qwBukCY8WxRx9MsZAVgmyQSt3ibBrExnm0+RckctYlJf19/LF+W1ckzNcnbG5Yc/54W7/B2P4iCglniYZMjQpfVPALVc2Iew0GpEWj0wQbpxenPgOZWDgFcQCYxHGgCVUaBSTcbeT4CgwqI4O1+P2X/JVkdwYfD4+j99VQAlA5z+jsCsacMqRiWSu+p7urCED2VIoApg2fffwtv3
# mail.archlinux.org # mail.archlinux.org
mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s= mail.archlinux.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFvJy2P8zOSKt3EocULHN85PVGW1AINk15+GilqUc5a79Zsy0FvWqV16fjxLRN3zIOkBvSKZMvsNadja+quEr9s=
mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTOaeIt48Y0PiBj9qlJi1H mail.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTOoGxsf23f6AjIHcQQuvbTOaeIt48Y0PiBj9qlJi1H
......
[hetzner] [hetzner]
luna.archlinux.org
secure-runner1.archlinux.org secure-runner1.archlinux.org
gemini.archlinux.org gemini.archlinux.org
...@@ -27,7 +26,6 @@ europe.mirror.pkgbuild.com ...@@ -27,7 +26,6 @@ europe.mirror.pkgbuild.com
[borg_clients] [borg_clients]
archlinux.org archlinux.org
aur-dev.archlinux.org aur-dev.archlinux.org
luna.archlinux.org
state.archlinux.org state.archlinux.org
matrix.archlinux.org matrix.archlinux.org
quassel.archlinux.org quassel.archlinux.org
...@@ -56,7 +54,6 @@ u236610.your-storagebox.de ...@@ -56,7 +54,6 @@ u236610.your-storagebox.de
homedir.archlinux.org homedir.archlinux.org
[mysql_servers] [mysql_servers]
luna.archlinux.org
bbs.archlinux.org bbs.archlinux.org
bugs.archlinux.org bugs.archlinux.org
aur.archlinux.org aur.archlinux.org
...@@ -73,7 +70,6 @@ man.archlinux.org ...@@ -73,7 +70,6 @@ man.archlinux.org
[nginx] [nginx]
archlinux.org archlinux.org
luna.archlinux.org
bbs.archlinux.org bbs.archlinux.org
bugs.archlinux.org bugs.archlinux.org
aur.archlinux.org aur.archlinux.org
...@@ -131,7 +127,6 @@ bbs.archlinux.org ...@@ -131,7 +127,6 @@ bbs.archlinux.org
build.archlinux.org build.archlinux.org
bugs.archlinux.org bugs.archlinux.org
gemini.archlinux.org gemini.archlinux.org
luna.archlinux.org
repro1.pkgbuild.com repro1.pkgbuild.com
wiki.archlinux.org wiki.archlinux.org
patchwork.archlinux.org patchwork.archlinux.org
......
---
- name: setup luna
hosts: luna.archlinux.org
remote_user: root
tasks:
- name: open firewall holes for services
ansible.posix.firewalld: service={{ item }} permanent=true state=enabled immediate=yes
with_items:
- http
- https
- rsyncd
- smtp
- git
when: configure_firewall
tags:
- firewall
- name: open firewall holes for ports
ansible.posix.firewalld: port={{ item }} permanent=true state=enabled immediate=yes
with_items:
- 6969/tcp
- 4949/tcp
when: configure_firewall
tags:
- firewall
roles:
- nginx
- rspamd
- { role: mariadb, mariadb_query_cache_type: '0', mariadb_innodb_file_per_table: true }
- { role: prometheus_exporters }
- { role: promtail }
...@@ -10,9 +10,7 @@ ...@@ -10,9 +10,7 @@
}; };
# no rate-limit for some authenticated users # no rate-limit for some authenticated users
# luna is handling mailman and other services that distribute a lot of mail.
&&NO_RATE_LIMIT_USERS { &&NO_RATE_LIMIT_USERS {
sasl_username=luna
sasl_username=aur; sasl_username=aur;
}; };
id=NoRateLimit; id=NoRateLimit;
......
...@@ -23,7 +23,6 @@ blackbox_targets: ...@@ -23,7 +23,6 @@ blackbox_targets:
- https://dev.archlinux.org - https://dev.archlinux.org
- https://europe.archive.pkgbuild.com - https://europe.archive.pkgbuild.com
- https://europe.mirror.pkgbuild.com - https://europe.mirror.pkgbuild.com
- https://git.archlinux.org
- https://gitlab.archlinux.org - https://gitlab.archlinux.org
- https://ipxe.archlinux.org - https://ipxe.archlinux.org
- https://logging.archlinux.org - https://logging.archlinux.org
...@@ -45,7 +44,6 @@ blackbox_targets: ...@@ -45,7 +44,6 @@ blackbox_targets:
- https://ping.archlinux.org - https://ping.archlinux.org
- https://pkgbuild.com - https://pkgbuild.com
- https://planet.archlinux.org - https://planet.archlinux.org
- https://projects.archlinux.org
- https://repos.archlinux.org/lastupdate - https://repos.archlinux.org/lastupdate
- https://reproducible.archlinux.org - https://reproducible.archlinux.org
- https://security.archlinux.org - https://security.archlinux.org
......
...@@ -197,7 +197,7 @@ locals { ...@@ -197,7 +197,7 @@ locals {
# - ttl (optional) # - ttl (optional)
# #
# Example: # Example:
# "lists" = { mx = "luna", ttl = 600 } # "lists" = { mx = "lists", ttl = 600 }
archlinux_org_mx = { archlinux_org_mx = {
"@" = { mx = "mail", ttl = 600 } "@" = { mx = "mail", ttl = 600 }
aur = { mx = "mail", ttl = 600 } aur = { mx = "mail", ttl = 600 }
...@@ -235,10 +235,6 @@ locals { ...@@ -235,10 +235,6 @@ locals {
ipv4_address = "49.12.124.107" ipv4_address = "49.12.124.107"
ipv6_address = "2a01:4f8:242:5614::2" ipv6_address = "2a01:4f8:242:5614::2"
} }
luna = {
ipv4_address = "5.9.250.164"
ipv6_address = "2a01:4f8:160:3033::2"
}
master-key = { master-key = {
ipv4_address = hcloud_server.machine["archlinux.org"].ipv4_address ipv4_address = hcloud_server.machine["archlinux.org"].ipv4_address
ipv6_address = hcloud_server.machine["archlinux.org"].ipv6_address ipv6_address = hcloud_server.machine["archlinux.org"].ipv6_address
...@@ -280,13 +276,11 @@ locals { ...@@ -280,13 +276,11 @@ locals {
archive = { value = "gemini" } archive = { value = "gemini" }
dev = { value = "www" } dev = { value = "www" }
g2kjxsblac7x = { value = "gv-i5y6mnrelvpfiu.dv.googlehosted.com." } g2kjxsblac7x = { value = "gv-i5y6mnrelvpfiu.dv.googlehosted.com." }
git = { value = "luna" }
ipxe = { value = "www" } ipxe = { value = "www" }
mailman = { value = "redirect" } mailman = { value = "redirect" }
packages = { value = "www" } packages = { value = "www" }
ping = { value = "redirect" } ping = { value = "redirect" }
planet = { value = "www" } planet = { value = "www" }
projects = { value = "luna" }
repos = { value = "gemini" } repos = { value = "gemini" }
rsync = { value = "gemini" } rsync = { value = "gemini" }
sources = { value = "gemini" } sources = { value = "gemini" }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment